Cybersecurity has become a part of everyday life, as breach after breach is reported. But not every incident involves credit cards or customer data. It is equally important to recognize the risks to employee privacy and a company’s intellectual property where the perpetrators may not be external nation-states or criminal hackers.

There are two simultaneous trends that affect everyone involved in the development, use, monitoring and management of information systems in both the public and private sectors. There have been a continuous string of data breaches involving personally identifiable information (PII) and protected health care information (PHI)—many of them incredibly serious, but also somewhat repetitive as organization after organization is successfully attacked. There have also been instances of intellectual property theft that have led to a laser-beam focus on cybersecurity. Many companies now recognize that they need to take proactive steps that will enable them either to prevent cyberattacks, or to rapidly detect and effectively respond to them. This growing recognition has put cybersecurity managers and specialists in the crosshairs of executives and boards.